A vulnerability was found in the Linux kernel’s ALSA sequencer, where the snd_seq_timer_open() function fails to properly manage concurrent access to timer instances, which could allow multiple calls to override the timer, leading to a potential use-after-free issue if a timer continues running after its associated queue is closed.
Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.